Skip to main content
CVE-2015-0072 MEDIUM POC THREAT This Month

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy and inject arbitrary web script or HTML via vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 88.6%.

XSS Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
88.6%
Threat
5.0
CVE-2015-0589 CRITICAL Act Now

The administrative web interface in Cisco WebEx Meetings Server 1.0 through 1.5 allows remote authenticated users to execute arbitrary OS commands with root privileges via unspecified fields, aka Bug. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Webex Meetings Server
NVD
CVSS 2.0
9.0
EPSS
0.7%
CVE-2013-5557 MEDIUM This Month

The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software
NVD
CVSS 2.0
6.3
EPSS
0.3%
CVE-2015-0600 MEDIUM This Month

The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to cause a denial of service (logoff) via crafted packets, aka Bug ID CSCuq12139. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Unified Ip Phones 9900 Series Firmware
NVD
CVSS 2.0
5.0
EPSS
0.9%
CVE-2014-9203 MEDIUM This Month

Buffer overflow in the Field Device Tool (FDT) Frame application in the HART Device Type Manager (DTM) library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow 12400 Level Transmitter Device Type Manager Svi Ii Ap Positioner Device Type Manager Vector Device Type Manager +1
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2015-0602 MEDIUM This Month

The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Ip Phones 9900 Series Firmware
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-0604 MEDIUM This Month

The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Ip Phones 9971 Firmware Unified Ip Phones 9951 Firmware
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-0601 MEDIUM This Month

Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow local users to cause a denial of service (device reload) via crafted commands, aka Bug ID CSCup92790. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Unified Ip Phones 9971 Firmware Unified Ip Phones 9951 Firmware
NVD
CVSS 2.0
4.6
EPSS
0.3%
CVE-2015-0603 MEDIUM This Month

Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writing. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Denial Of Service Unified Ip Phones 9900 Series Firmware
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2015-0605 MEDIUM This Month

The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 8.5 and earlier allows remote attackers to bypass intended content restrictions via a crafted e-mail. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Privilege Escalation Asyncos
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2015-0871 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Mrs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Guestbook
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy